f065e99adf
This patch replces the remaining usage of absolute name in 'require', and makes all class inclusion depend on relative name. Change-Id: Ic4698d309e899303c7e2566187fb21a442fb930d
254 lines
8.0 KiB
Puppet
254 lines
8.0 KiB
Puppet
# == Class: n1kv_vem
|
|
#
|
|
# Deploy N1KV VEM on compute and network nodes.
|
|
# Support exists and tested for RedHat.
|
|
# (For Ubuntu/Debian platforms few changes and testing pending.)
|
|
#
|
|
# === Parameters
|
|
# [*n1kv_vsm_ip*]
|
|
# (required) N1KV VSM(Virtual Supervisor Module) VM's IP.
|
|
# Defaults to 127.0.0.1
|
|
#
|
|
# [*n1kv_vsm_ipv6*]
|
|
# (required) N1KV VSM(Virtual Supervisor Module) VM's IP.
|
|
# Defaults to ::1
|
|
#
|
|
# [*n1kv_vsm_domain_id*]
|
|
# (required) N1KV VSM DomainID.
|
|
# Defaults to 1000
|
|
#
|
|
# [*host_mgmt_intf*]
|
|
# (required) Management Interface of node where VEM will be installed.
|
|
# Defaults to eth1
|
|
#
|
|
# [*uplink_profile*]
|
|
# (optional) Uplink Interfaces that will be managed by VEM. The uplink
|
|
# port-profile that configures these interfaces should also be specified.
|
|
# (format)
|
|
# $uplink_profile = { 'eth1' => 'profile1',
|
|
# 'eth2' => 'profile2'
|
|
# },
|
|
# Defaults to empty
|
|
#
|
|
# [*vtep_config*]
|
|
# (optional) Virtual tunnel interface configuration.
|
|
# Eg:VxLAN tunnel end-points.
|
|
# (format)
|
|
# $vtep_config = { 'vtep1' => { 'profile' => 'virtprof1',
|
|
# 'ipmode' => 'dhcp'
|
|
# },
|
|
# 'vtep2' => { 'profile' => 'virtprof2',
|
|
# 'ipmode' => 'static',
|
|
# 'ipaddress' => '192.168.1.1',
|
|
# 'netmask' => '255.255.255.0'
|
|
# }
|
|
# },
|
|
# Defaults to empty
|
|
#
|
|
# [*node_type*]
|
|
# (optional). Specify the type of node: 'compute' (or) 'network'.
|
|
# Defaults to 'compute'
|
|
#
|
|
# All the above parameter values will be used in the config file: n1kv.conf
|
|
#
|
|
# [*vteps_in_same_subnet*]
|
|
# (optional)
|
|
# The VXLAN tunnel interfaces created on VEM can belong to same IP-subnet.
|
|
# In such case, set this parameter to true. This results in below
|
|
# 'sysctl:ipv4' values to be modified.
|
|
# rp_filter (reverse path filtering) set to 2(Loose).Default is 1(Strict)
|
|
# arp_ignore (arp reply mode) set to 1:reply only if target ip matches
|
|
# that of incoming interface. Default is 0
|
|
# arp_announce (arp announce mode) set to 1. Default is 0
|
|
# Please refer Linux Documentation for detailed description
|
|
# http://lxr.free-electrons.com/source/Documentation/networking/ip-sysctl.txt
|
|
#
|
|
# If the tunnel interfaces are not in same subnet set this parameter to false.
|
|
# Note that setting to false causes no change in the sysctl settings and does
|
|
# not revert the changes made if it was originally set to true on a previous
|
|
# catalog run.
|
|
#
|
|
# Defaults to false
|
|
#
|
|
# [*n1kv_source*]
|
|
# (optional)
|
|
# n1kv_source ==> VEM package location. One of below
|
|
# A)URL of yum repository that hosts VEM package.
|
|
# B)VEM RPM/DPKG file name, If present locally in 'files' folder
|
|
# C)If not specified, assumes that VEM image is available in
|
|
# default enabled repositories.
|
|
# Defaults to empty
|
|
#
|
|
# [*n1kv_version*]
|
|
# (optional). Specify VEM package version to be installed.
|
|
# Not applicable if 'n1kv_source' is a file. (Option-B above)
|
|
# Defaults to 'present'
|
|
#
|
|
# [*package_ensure*]
|
|
# (optional) Ensure state for dependent packages: Openvswitch/libnl.
|
|
# Defaults to 'present'.
|
|
#
|
|
# [*enable*]
|
|
# (optional) Enable state for service. Defaults to 'true'.
|
|
#
|
|
# [*manage_service*]
|
|
# (optional) Whether to start/stop the service
|
|
# Defaults to true
|
|
#
|
|
# [*portdb*]
|
|
# (optional) PortDB (ovs|vem)
|
|
# Defaults to ovs
|
|
#
|
|
# [*fastpath_flood*]
|
|
# (optional) Handle broadcast floods and unknown pkts in fastpath(KLM)
|
|
# Defaults to enable
|
|
#
|
|
class neutron::agents::n1kv_vem (
|
|
$n1kv_vsm_ip = '127.0.0.1',
|
|
$n1kv_vsm_ipv6 = '::1',
|
|
$n1kv_vsm_domain_id = 1000,
|
|
$host_mgmt_intf = 'eth1',
|
|
$uplink_profile = {},
|
|
$vtep_config = {},
|
|
$node_type = 'compute',
|
|
$vteps_in_same_subnet = false,
|
|
$n1kv_source = '',
|
|
$n1kv_version = 'present',
|
|
$package_ensure = 'present',
|
|
$enable = true,
|
|
$manage_service = true,
|
|
$portdb = 'ovs',
|
|
$fastpath_flood = 'enable'
|
|
) {
|
|
|
|
include neutron::deps
|
|
include neutron::params
|
|
require vswitch::ovs
|
|
|
|
Exec { path => [ '/bin/', '/sbin/' , '/usr/bin/', '/usr/sbin/' ] }
|
|
|
|
if($::osfamily != 'Redhat') {
|
|
#current support exists for Redhat family.
|
|
#Support for Debian will be added soon.
|
|
fail("Unsupported osfamily ${::osfamily}")
|
|
}
|
|
|
|
#Check source of n1kv-vem image:yum-repo (or) local file in 'files' directory
|
|
if $n1kv_source != '' {
|
|
if ($n1kv_source =~ /^http/) or ($n1kv_source =~ /^ftp/) {
|
|
$vemimage_uri = 'repo'
|
|
} else {
|
|
$vemimage_uri = 'file'
|
|
$vemtgtimg = "/var/n1kv/${n1kv_source}"
|
|
}
|
|
} else {
|
|
$vemimage_uri = 'unspec'
|
|
}
|
|
|
|
|
|
package { 'libnl':
|
|
ensure => $package_ensure,
|
|
name => $::neutron::params::libnl_package,
|
|
tag => ['neutron-support-package'],
|
|
}
|
|
|
|
file {
|
|
'/etc/n1kv':
|
|
ensure => directory,
|
|
owner => 'root',
|
|
group => 'root',
|
|
mode => '0755';
|
|
'/var/n1kv':
|
|
ensure => directory,
|
|
owner => 'root',
|
|
group => 'root',
|
|
mode => '0755',
|
|
}
|
|
|
|
#specify template corresponding to 'n1kv.conf'
|
|
file {'/etc/n1kv/n1kv.conf':
|
|
ensure => present,
|
|
owner => 'root',
|
|
group => 'root',
|
|
mode => '0664',
|
|
content => template('neutron/n1kv.conf.erb'),
|
|
require => File['/etc/n1kv'],
|
|
}
|
|
|
|
if $vemimage_uri == 'file' {
|
|
#specify location on target-host where image file will be downloaded to.
|
|
#Later vem package: 'nexus1000v' will be installed from this file.
|
|
file { $vemtgtimg:
|
|
owner => 'root',
|
|
group => 'root',
|
|
mode => '0664',
|
|
source => "puppet:///modules/neutron/${n1kv_source}",
|
|
require => File['/var/n1kv'],
|
|
}
|
|
package {'nexus1000v':
|
|
ensure => $n1kv_version,
|
|
provider => $::neutron::params::package_provider,
|
|
source => $vemtgtimg,
|
|
tag => ['neutron-support-package', 'openstack'],
|
|
require => File[$vemtgtimg]
|
|
}
|
|
} else {
|
|
if $vemimage_uri == 'repo' {
|
|
#vem package: 'nexus1000v' will be downloaded and installed
|
|
#from below repo.
|
|
yumrepo { 'cisco-vem-repo':
|
|
baseurl => $n1kv_source,
|
|
descr => 'Repo for VEM Image',
|
|
enabled => 1,
|
|
gpgcheck => 1,
|
|
gpgkey => "${n1kv_source}/RPM-GPG-KEY"
|
|
#proxy => '_none_',
|
|
}
|
|
warning('cisco-vem-repo repository management is deprecated, it will be dropped in a future release.')
|
|
}
|
|
package {'nexus1000v':
|
|
ensure => $package_ensure,
|
|
tag => ['neutron-support-package', 'openstack'],
|
|
}
|
|
}
|
|
warning('nexus1000v package management is deprecated, it will be dropped in a future release.')
|
|
|
|
if $manage_service {
|
|
if $enable {
|
|
$service_ensure = 'running'
|
|
} else {
|
|
$service_ensure = 'stopped'
|
|
}
|
|
}
|
|
|
|
service { 'nexus1000v':
|
|
ensure => $service_ensure,
|
|
}
|
|
warning('nexus1000v service management is deprecated, it will be dropped in a future release.')
|
|
|
|
#Upon config change in 'n1kv.conf' execute below 'vemcmd reread config'.
|
|
#No need to restart service.
|
|
exec { 'vemcmd reread config':
|
|
subscribe => File['/etc/n1kv/n1kv.conf'],
|
|
refreshonly => true,
|
|
require => Service['nexus1000v']
|
|
}
|
|
|
|
if $vteps_in_same_subnet == true {
|
|
$my_sysctl_settings = {
|
|
'net.ipv4.conf.default.rp_filter' => { value => 2 },
|
|
'net.ipv4.conf.all.rp_filter' => { value => 2 },
|
|
'net.ipv4.conf.default.arp_ignore' => { value => 1 },
|
|
'net.ipv4.conf.all.arp_ignore' => { value => 1 },
|
|
'net.ipv4.conf.all.arp_announce' => { value => 2 },
|
|
'net.ipv4.conf.default.arp_announce' => { value => 2 },
|
|
}
|
|
create_resources(sysctl::value,$my_sysctl_settings)
|
|
}
|
|
|
|
Package['libnl'] -> Package['nexus1000v']
|
|
Service['openvswitch'] ~> Package['nexus1000v']
|
|
File['/etc/n1kv/n1kv.conf'] -> Package['nexus1000v']
|
|
Package['nexus1000v'] ~> Service['nexus1000v']
|
|
}
|